Tech Blog from GCN.com

Apr 13, 2006

Imagine you're a spammer getting ready to launch a spam campaign. It doesn't matter where you got your e-mail addresses, you know a chunk of them will be no good. Those messages are going to bounce back'and you don't want them bouncing back in your direction. So you substitute other, legitimate return addresses. One of them is [email protected]

Now imagine you're working IT for AFedAgency. That spammer's not necessarily out to get you, but when his spam starts bouncing back from outdated or illegitimate addresses, it's coming your way. These spam messages are known as misdirected bounces. And officials from IronPort Systems Inc. expect them to be a growing problem for government agencies.

IronPort is preparing a report that analyzes the extent of misdirected bounces. By the company's estimates, 11 percent of e-mail traffic today is lost spam messages seeking a return address home. If home is within your agency's domain, you could be looking at a form of denial-of-service attack that IronPort's federal manager Tom Topping calls "a fully distributed DOS attack" because it could come from so many different addresses at once.

IronPort's C-Series of mail appliances now includes something called Secure Bouncing, which helps prevent misdirected bounces. It can sense a flood and, for instance, temporarily shut down the [email protected] AFedAgency.gov address. Technology like this could help protect your inbound e-mail stream, but if misdirected bounces grow into a big problem, your outbound e-mail stream could stand a good scrubbing, too.